people/teissler/ipfire-2.x.git
7 years agofirewall: rules.pl: Honour time constraints for NAT rules as well.
Michael Tremer [Fri, 21 Mar 2014 12:39:03 +0000 (13:39 +0100)] 
firewall: rules.pl: Honour time constraints for NAT rules as well.

7 years agofirewall: rules.pl: Catch invalid configurations.
Michael Tremer [Fri, 21 Mar 2014 12:33:08 +0000 (13:33 +0100)] 
firewall: rules.pl: Catch invalid configurations.

7 years agofirewall: rules.pl: Allow REDIRECT rules.
Michael Tremer [Fri, 21 Mar 2014 12:28:00 +0000 (13:28 +0100)] 
firewall: rules.pl: Allow REDIRECT rules.

7 years agoFirewall: Allow DNAT with target firewall
Alexander Marx [Fri, 21 Mar 2014 11:54:12 +0000 (12:54 +0100)] 
Firewall: Allow DNAT with target firewall

7 years agoFirewall: Rename defaultNetworks to netsettings
Alexander Marx [Fri, 21 Mar 2014 11:20:50 +0000 (12:20 +0100)] 
Firewall: Rename defaultNetworks to netsettings

7 years agoFirewall: DNAT - Show right DNAT interface in ruletable
Alexander Marx [Fri, 21 Mar 2014 07:28:24 +0000 (08:28 +0100)] 
Firewall: DNAT - Show right DNAT interface in ruletable

Now:
When using a hostgroup as source there are all corresponding DNAT
interfaces shown in ruletable depending on the entries in the group.

When in DNAT area "-automatic" is selected, the DNAT interfaces are
shown as IP-Addresses, else they are shown as "ORANGE","GREEN","BLUE"...

BUGFIX: When there is a MAC address used in a sourcegroup, the rules could not be set. Now MAC addresses get allways the public interface as DNAT

7 years agoFirewall: Move some functions from rules.pl to firewall-lib.pl
Alexander Marx [Thu, 20 Mar 2014 16:27:53 +0000 (17:27 +0100)] 
Firewall: Move some functions from rules.pl to firewall-lib.pl

7 years agofirewall: rules.pl: Fix rules with other NAT port.
Michael Tremer [Fri, 21 Mar 2014 11:40:55 +0000 (12:40 +0100)] 
firewall: rules.pl: Fix rules with other NAT port.

7 years agoUpdate translations.
Michael Tremer [Thu, 20 Mar 2014 22:07:26 +0000 (23:07 +0100)] 
Update translations.

7 years agoFirewall: DNAT - always show right red address in dropdown.
Alexander Marx [Thu, 20 Mar 2014 15:23:47 +0000 (16:23 +0100)] 
Firewall: DNAT - always show right red address in dropdown.

Edited language String in DNAT area: external ip address is now Firewall
Interface

7 years agoMerge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Wed, 19 Mar 2014 18:07:27 +0000 (19:07 +0100)] 
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next

7 years agohostapd: enable CONFIG_ACS for dfs channels.
Arne Fitzenreiter [Wed, 19 Mar 2014 18:03:22 +0000 (19:03 +0100)] 
hostapd: enable CONFIG_ACS for dfs channels.

7 years agohostapd: change channellist and status for dfs channels.
Arne Fitzenreiter [Wed, 19 Mar 2014 18:00:47 +0000 (19:00 +0100)] 
hostapd: change channellist and status for dfs channels.

7 years agocore76: add wpa_supplicant to update.
Arne Fitzenreiter [Wed, 19 Mar 2014 08:05:37 +0000 (09:05 +0100)] 
core76: add wpa_supplicant to update.

7 years agoMerge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Wed, 19 Mar 2014 06:23:40 +0000 (07:23 +0100)] 
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next

7 years agohostapd: update to 2.1.
Arne Fitzenreiter [Wed, 19 Mar 2014 06:22:49 +0000 (07:22 +0100)] 
hostapd: update to 2.1.

7 years agofirewall: rules.pl: Add support for auto selection of NAT addresses.
Michael Tremer [Tue, 18 Mar 2014 22:49:23 +0000 (23:49 +0100)] 
firewall: rules.pl: Add support for auto selection of NAT addresses.

7 years agoFirewall: select right value in DNAT Dropdown
Alexander Marx [Tue, 18 Mar 2014 14:13:02 +0000 (15:13 +0100)] 
Firewall: select right value in DNAT Dropdown

7 years agoFirewall: extend DNAT dropdown with auto,BLUE,ORANGE,GREEN
Alexander Marx [Tue, 18 Mar 2014 14:02:55 +0000 (15:02 +0100)] 
Firewall: extend DNAT dropdown with auto,BLUE,ORANGE,GREEN

7 years agoopenssh: Update to 6.6p1.
Michael Tremer [Tue, 18 Mar 2014 17:03:14 +0000 (18:03 +0100)] 
openssh: Update to 6.6p1.

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Tue, 18 Mar 2014 17:00:42 +0000 (18:00 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agocore76: add tzdata to update.
Arne Fitzenreiter [Tue, 18 Mar 2014 06:28:13 +0000 (07:28 +0100)] 
core76: add tzdata to update.

7 years agotzdata: fix rootfile.
Arne Fitzenreiter [Tue, 18 Mar 2014 06:20:41 +0000 (07:20 +0100)] 
tzdata: fix rootfile.

7 years agoinitskripts: add pcengines apu support to leds.
Arne Fitzenreiter [Mon, 17 Mar 2014 23:25:08 +0000 (00:25 +0100)] 
initskripts: add pcengines apu support to leds.

7 years agoMerge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Mon, 17 Mar 2014 23:22:24 +0000 (00:22 +0100)] 
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next

7 years agokernel: add pcengines apu led support.
Arne Fitzenreiter [Mon, 17 Mar 2014 23:21:38 +0000 (00:21 +0100)] 
kernel: add pcengines apu led support.

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Mon, 17 Mar 2014 21:04:48 +0000 (22:04 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agoMerge remote-tracking branch 'alfh/feature_firewalllog_centergraph' into next
Michael Tremer [Mon, 17 Mar 2014 21:04:44 +0000 (22:04 +0100)] 
Merge remote-tracking branch 'alfh/feature_firewalllog_centergraph' into next

7 years agofirewall: rules.pl: Code cleanup.
Michael Tremer [Mon, 17 Mar 2014 17:03:00 +0000 (18:03 +0100)] 
firewall: rules.pl: Code cleanup.

7 years agofirewall: Fix DNAT rules between internal zones.
Michael Tremer [Mon, 17 Mar 2014 16:39:47 +0000 (17:39 +0100)] 
firewall: Fix DNAT rules between internal zones.

7 years agofirewall: rules.pl: Sanitise source and destination IP addresses.
Michael Tremer [Mon, 17 Mar 2014 14:47:28 +0000 (15:47 +0100)] 
firewall: rules.pl: Sanitise source and destination IP addresses.

Those variables are now empty if source or destination are
unspecified.

7 years agodialctrl: Remove defunct script.
Michael Tremer [Mon, 17 Mar 2014 13:17:44 +0000 (14:17 +0100)] 
dialctrl: Remove defunct script.

7 years agoFirewall: Bugfix: Remark in hostgroups and servicegroups was not changeable
Alexander Marx [Mon, 17 Mar 2014 06:22:24 +0000 (07:22 +0100)] 
Firewall: Bugfix: Remark in hostgroups and servicegroups was not changeable

Another Bugfix: Layout of hostgroups was broken when more than 1 vpn
connection is defined. There where dropdownboxes for every vpn
connection instead of only one

7 years agoUpdate Turkish translation.
Ersan Yildirim [Mon, 17 Mar 2014 11:38:22 +0000 (12:38 +0100)] 
Update Turkish translation.

7 years agotzdata: Update to 2014a.
Michael Tremer [Sun, 16 Mar 2014 15:02:18 +0000 (16:02 +0100)] 
tzdata: Update to 2014a.

7 years agosudo: Update to 1.8.10p1.
Michael Tremer [Sat, 15 Mar 2014 14:08:37 +0000 (15:08 +0100)] 
sudo: Update to 1.8.10p1.

7 years agoMerge branch 'next' of https://github.com/ipfire/ipfire-2.x into feature_firewalllog_...
Alf H√łgemark [Sat, 15 Mar 2014 07:47:56 +0000 (08:47 +0100)] 
Merge branch 'next' of https://github.com/ipfire/ipfire-2.x into feature_firewalllog_centergraph

7 years agoipfire theme: Fix default setting for hostname in title.
Michael Tremer [Thu, 13 Mar 2014 14:43:52 +0000 (15:43 +0100)] 
ipfire theme: Fix default setting for hostname in title.

7 years agofwhost.cgi: disable "use warnings"
Alexander Marx [Thu, 13 Mar 2014 14:35:14 +0000 (15:35 +0100)] 
fwhost.cgi: disable "use warnings"

7 years agoUpdate translations.
Michael Tremer [Thu, 13 Mar 2014 14:37:05 +0000 (15:37 +0100)] 
Update translations.

7 years agoMerge remote-tracking branch 'amarx/BETA3' into next
Michael Tremer [Thu, 13 Mar 2014 14:32:00 +0000 (15:32 +0100)] 
Merge remote-tracking branch 'amarx/BETA3' into next

7 years agoentropy graph: Remove trend line.
Michael Tremer [Thu, 13 Mar 2014 14:29:53 +0000 (15:29 +0100)] 
entropy graph: Remove trend line.

7 years agoAdd link to entropy page and show if there is hardware support available.
Michael Tremer [Thu, 13 Mar 2014 14:27:14 +0000 (15:27 +0100)] 
Add link to entropy page and show if there is hardware support available.

7 years agoVPN Checksubnets: Buttons are now Language Strings
Alexander Marx [Thu, 13 Mar 2014 14:27:01 +0000 (15:27 +0100)] 
VPN Checksubnets: Buttons are now Language Strings

7 years agoVPN Checksubnets: Now the remote subnets (OpenVPN/IPSec) are checked. If they are...
Alexander Marx [Thu, 13 Mar 2014 14:09:01 +0000 (15:09 +0100)] 
VPN Checksubnets: Now the remote subnets (OpenVPN/IPSec) are checked. If they are defined elsewhere, there's a warningmessage displayed

7 years agoFirewall: When delting an OpenVPN or IPSec connection, the rules are only colored...
Alexander Marx [Thu, 13 Mar 2014 12:53:39 +0000 (13:53 +0100)] 
Firewall: When delting an OpenVPN or IPSec connection, the rules are only colored yellow and the firewallrules are reloaded automatically

7 years agoFirewall: When delting an OpenVPN or IPSec connection, the rules are only colored...
Alexander Marx [Thu, 13 Mar 2014 12:53:39 +0000 (13:53 +0100)] 
Firewall: When delting an OpenVPN or IPSec connection, the rules are only colored yellow and the firewallrules are reloaded automatically

7 years agosamba: update to 3.6.23.
Arne Fitzenreiter [Thu, 13 Mar 2014 11:45:56 +0000 (12:45 +0100)] 
samba: update to 3.6.23.

7 years agolinux: Remove disabling of loading the pcspkr module.
Michael Tremer [Tue, 11 Mar 2014 20:47:16 +0000 (21:47 +0100)] 
linux: Remove disabling of loading the pcspkr module.

7 years agobeep: Update to 1.3.
Michael Tremer [Tue, 11 Mar 2014 17:03:59 +0000 (18:03 +0100)] 
beep: Update to 1.3.

7 years agoMerge remote-tracking branch 'amarx/INDEX' into next
Michael Tremer [Mon, 10 Mar 2014 20:35:15 +0000 (21:35 +0100)] 
Merge remote-tracking branch 'amarx/INDEX' into next

7 years agofirewall: Add auxiliary rules for firewall access.
Michael Tremer [Mon, 10 Mar 2014 18:40:20 +0000 (19:40 +0100)] 
firewall: Add auxiliary rules for firewall access.

Rules for accessing the firewall are added when access
to networks (GREEN, BLUE, ...) the firewall resides in is allowed.

7 years agovpnmain.cgi: Remove left-over </td> tag.
Michael Tremer [Mon, 10 Mar 2014 15:11:50 +0000 (16:11 +0100)] 
vpnmain.cgi: Remove left-over </td> tag.

7 years agographs.pl : fixed layout on Nexus 7 devices "hour-Day-week-month-year" now on top...
Alexander Marx [Mon, 10 Mar 2014 11:54:06 +0000 (12:54 +0100)] 
graphs.pl : fixed layout on Nexus 7 devices "hour-Day-week-month-year" now on top of graph

7 years agoindex.cgi: fix colors and tables for vpn connections
Alexander Marx [Mon, 10 Mar 2014 11:22:32 +0000 (12:22 +0100)] 
index.cgi: fix colors and tables for vpn connections

7 years agoipsec: Allow to create firewall rules for IPsec input as well.
Michael Tremer [Sat, 8 Mar 2014 16:29:47 +0000 (17:29 +0100)] 
ipsec: Allow to create firewall rules for IPsec input as well.

7 years agoSet version to 2.15 beta3.
Arne Fitzenreiter [Sat, 8 Mar 2014 13:03:08 +0000 (14:03 +0100)] 
Set version to 2.15 beta3.

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Fri, 7 Mar 2014 15:33:42 +0000 (16:33 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agosetddns.pl: Use GetDyndnsRedIP from general-functions.pl.
Michael Tremer [Fri, 7 Mar 2014 15:33:03 +0000 (16:33 +0100)] 
setddns.pl: Use GetDyndnsRedIP from general-functions.pl.

http://forum.ipfire.org/index.php?topic=7504.msg63721#msg63721

7 years agokernel: update to 3.10.33.
Arne Fitzenreiter [Fri, 7 Mar 2014 08:29:20 +0000 (09:29 +0100)] 
kernel: update to 3.10.33.

7 years agogpl.cgi: Fix proper redirection so that the agreement has only to be accepted once.
Michael Tremer [Wed, 5 Mar 2014 22:53:21 +0000 (23:53 +0100)] 
gpl.cgi: Fix proper redirection so that the agreement has only to be accepted once.

7 years agofirewall: Filter logging of broadcasts from the internal networks.
Michael Tremer [Wed, 5 Mar 2014 13:07:23 +0000 (14:07 +0100)] 
firewall: Filter logging of broadcasts from the internal networks.

7 years agofirewall: Allow remarks in Unicode.
Michael Tremer [Wed, 5 Mar 2014 12:59:28 +0000 (13:59 +0100)] 
firewall: Allow remarks in Unicode.

7 years agofirewall: Make ICMP ratelimiting a bit saner again.
Michael Tremer [Wed, 5 Mar 2014 11:31:36 +0000 (12:31 +0100)] 
firewall: Make ICMP ratelimiting a bit saner again.

7 years agoMerge remote-tracking branch 'amarx/beta3' into next
Michael Tremer [Wed, 5 Mar 2014 11:25:12 +0000 (12:25 +0100)] 
Merge remote-tracking branch 'amarx/beta3' into next

7 years agoFirewall: Remarkcheck should now support old firewallrules from converter
Alexander Marx [Wed, 5 Mar 2014 07:13:04 +0000 (08:13 +0100)] 
Firewall: Remarkcheck should now support old firewallrules from converter

7 years agoFirewall: When no manual ip is given on rulecreation and rule is added, there's autom...
Alexander Marx [Wed, 5 Mar 2014 07:02:05 +0000 (08:02 +0100)] 
Firewall: When no manual ip is given on rulecreation and rule is added, there's automatically std_networks "ALL" selected

7 years agofirewall: Don't colourise MAC addresses.
Michael Tremer [Tue, 4 Mar 2014 13:26:55 +0000 (14:26 +0100)] 
firewall: Don't colourise MAC addresses.

Fixes #10491.

7 years agofirewall: Extend rate limiting for ICMP error messages.
Michael Tremer [Tue, 4 Mar 2014 13:14:54 +0000 (14:14 +0100)] 
firewall: Extend rate limiting for ICMP error messages.

Fixes #10489.

7 years agofirewall: Add chain name to logged rules.
Michael Tremer [Tue, 4 Mar 2014 11:38:13 +0000 (12:38 +0100)] 
firewall: Add chain name to logged rules.

This helps us to debug faster where a packet has been dropped.

7 years agofirewall: Add rate limiting for LOG messages.
Michael Tremer [Tue, 4 Mar 2014 11:36:52 +0000 (12:36 +0100)] 
firewall: Add rate limiting for LOG messages.

Fixes #10488.

7 years agoFirewall: Now it is possible to just change the remark in input and outgoing
Alexander Marx [Tue, 4 Mar 2014 15:00:14 +0000 (16:00 +0100)] 
Firewall: Now it is possible to just change the remark in input and outgoing

7 years agoFirewall: When no manual ip is given, standard networks "all" is selected
Alexander Marx [Tue, 4 Mar 2014 15:11:35 +0000 (16:11 +0100)] 
Firewall: When no manual ip is given, standard networks "all" is selected

7 years agoFirewall: Now it is possible to just change the remark in input and outgoing
Alexander Marx [Tue, 4 Mar 2014 15:00:14 +0000 (16:00 +0100)] 
Firewall: Now it is possible to just change the remark in input and outgoing

7 years agoFirewall: FIX allowed chars in remark
Alexander Marx [Tue, 4 Mar 2014 14:44:02 +0000 (15:44 +0100)] 
Firewall: FIX allowed chars in remark

7 years agoMerge remote-tracking branch 'amarx/beta3' into next
Michael Tremer [Tue, 4 Mar 2014 13:54:06 +0000 (14:54 +0100)] 
Merge remote-tracking branch 'amarx/beta3' into next

7 years agoFirewall: get rid of /32 subnetz when using manual ip addresses
Alexander Marx [Tue, 4 Mar 2014 13:51:20 +0000 (14:51 +0100)] 
Firewall: get rid of /32 subnetz when using manual ip addresses

7 years agoFirewall: Bugfix - when creating a new hostgroup, the system checked for existing...
Alexander Marx [Tue, 4 Mar 2014 13:40:59 +0000 (14:40 +0100)] 
Firewall: Bugfix - when creating a new hostgroup, the system checked for existing name in servicegroups instead of hostgroups

7 years agofirewall: Don't colourise MAC addresses.
Michael Tremer [Tue, 4 Mar 2014 13:26:55 +0000 (14:26 +0100)] 
firewall: Don't colourise MAC addresses.

Fixes #10491.

7 years agofirewall: Extend rate limiting for ICMP error messages.
Michael Tremer [Tue, 4 Mar 2014 13:14:54 +0000 (14:14 +0100)] 
firewall: Extend rate limiting for ICMP error messages.

Fixes #10489.

7 years agoMerge remote-tracking branch 'amarx/beta3' into next
Michael Tremer [Tue, 4 Mar 2014 13:14:45 +0000 (14:14 +0100)] 
Merge remote-tracking branch 'amarx/beta3' into next

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Tue, 4 Mar 2014 13:14:36 +0000 (14:14 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agoFirewall: Fix oversized Textfields
Alexander Marx [Tue, 4 Mar 2014 13:07:04 +0000 (14:07 +0100)] 
Firewall: Fix oversized Textfields

7 years agofirewall: Add chain name to logged rules.
Michael Tremer [Tue, 4 Mar 2014 11:38:13 +0000 (12:38 +0100)] 
firewall: Add chain name to logged rules.

This helps us to debug faster where a packet has been dropped.

7 years agofirewall: Add rate limiting for LOG messages.
Michael Tremer [Tue, 4 Mar 2014 11:36:52 +0000 (12:36 +0100)] 
firewall: Add rate limiting for LOG messages.

Fixes #10488.

7 years agoFirewall: Fix Bug 10490 and broken colorization of tables in firewall groups
Alexander Marx [Tue, 4 Mar 2014 10:37:58 +0000 (11:37 +0100)] 
Firewall: Fix Bug 10490 and broken colorization of tables in firewall groups

7 years agokernel: arm-multi: add marvel and allwinner support.
Arne Fitzenreiter [Tue, 4 Mar 2014 06:07:31 +0000 (07:07 +0100)] 
kernel: arm-multi: add marvel and allwinner support.

7 years agovdr: Add eepg plugin.
Michael Tremer [Mon, 3 Mar 2014 15:41:13 +0000 (16:41 +0100)] 
vdr: Add eepg plugin.

7 years agovdr: Add DVBAPI plugin.
Michael Tremer [Mon, 3 Mar 2014 15:31:27 +0000 (16:31 +0100)] 
vdr: Add DVBAPI plugin.

7 years agovdr: Update to 2.0.5.
Michael Tremer [Mon, 3 Mar 2014 15:28:51 +0000 (16:28 +0100)] 
vdr: Update to 2.0.5.

Stupid outdated websites...

7 years agovdr: Update to 2.0.4.
Michael Tremer [Mon, 3 Mar 2014 12:50:37 +0000 (13:50 +0100)] 
vdr: Update to 2.0.4.

7 years agostrongswan: Update to 5.1.2.
Michael Tremer [Mon, 3 Mar 2014 11:27:09 +0000 (12:27 +0100)] 
strongswan: Update to 5.1.2.

http://www.strongswan.org/blog/2014/03/03/strongswan-5.1.2-released.html

7 years agofirewall: Add a trailing space to all log prefixes for better readability.
Michael Tremer [Sun, 2 Mar 2014 21:50:29 +0000 (22:50 +0100)] 
firewall: Add a trailing space to all log prefixes for better readability.

7 years agofirewall: rules.pl: Remove unused variable $time_constraints.
Michael Tremer [Sun, 2 Mar 2014 21:46:17 +0000 (22:46 +0100)] 
firewall: rules.pl: Remove unused variable $time_constraints.

7 years agofirewall: rules.pl: Replace some hardcoded chain names.
Michael Tremer [Sun, 2 Mar 2014 21:44:26 +0000 (22:44 +0100)] 
firewall: rules.pl: Replace some hardcoded chain names.

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Sun, 2 Mar 2014 21:38:09 +0000 (22:38 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agofirewall: Resurrect port forwardings with different external ports.
Michael Tremer [Sun, 2 Mar 2014 21:35:27 +0000 (22:35 +0100)] 
firewall: Resurrect port forwardings with different external ports.

7 years agofirewall: Telnet uses TCP
Michael Tremer [Sun, 2 Mar 2014 19:48:58 +0000 (20:48 +0100)] 
firewall: Telnet uses TCP

7 years agofirewall: Make OpenVPN access also possible when INPUT policy is REJECT.
Michael Tremer [Sun, 2 Mar 2014 19:40:00 +0000 (20:40 +0100)] 
firewall: Make OpenVPN access also possible when INPUT policy is REJECT.

7 years agofirewall: Allow accessing port forwardings from internal networks.
Michael Tremer [Sun, 2 Mar 2014 19:37:44 +0000 (20:37 +0100)] 
firewall: Allow accessing port forwardings from internal networks.